Transient pliant encryption with indicative nano display cards

ABSTRACT

Embodiments of the present invention provide a system for secure communication of information that may be used to authorize communications or transfer of resources by use of a transient pliant encryption mechanism in conjunction with an indicative nano-display. The provided systems, methods, and computer program products are designed to select and apply multiple encryption algorithms in a varied fashion and update displayed information on a nano-display. Credentials for a user may be stored and securely communicated via a transient nano-display that is updated at a configured interval of time and is indecipherable to unauthorized third parties.

BACKGROUND

The transmission of resources can occur quickly and securely through theuse of modern resource transfer mechanisms. While the simplicity oftransferring information via a personalized resource transfer card istraditionally welcomed, resource security concerns arise when thesensitive resources are being transmitted. As such, additional securitymeasures, including the use of secure dynamic authorization credentialvalues, are desired to protect the integrity of sensitive resources inresource transfer interactions.

BRIEF SUMMARY

The following presents a summary of certain embodiments of theinvention. This summary is not intended to identify key or criticalelements of all embodiments nor delineate the scope of any or allembodiments. Its sole purpose is to present certain concepts andelements of one or more embodiments in a summary form as a prelude tothe more detailed description that follows.

Embodiments of the present invention address the above needs and/orachieve other advantages by providing apparatuses (e.g., a system,computer program product and/or other devices) and methods for securecontactless distribution of dynamic resources. The system embodimentsmay comprise one or more memory devices having computer readable programcode stored thereon, a communication device, and one or more processingdevices operatively coupled to the one or more memory devices, whereinthe one or more processing devices are configured to execute thecomputer readable program code to carry out the invention. In computerprogram product embodiments of the invention, the computer programproduct comprises at least one non-transitory computer readable mediumcomprising computer readable instructions for carrying out theinvention. Computer implemented method embodiments of the invention maycomprise providing a computing system comprising a computer processingdevice and a non-transitory computer readable medium, where the computerreadable medium comprises configured computer program instruction code,such that when said instruction code is operated by said computerprocessing device, said computer processing device performs certainoperations to carry out the invention.

For sample, illustrative purposes, system environments will besummarized. The system may generally comprise a system for transientpliant encryption with indicative nano-display cards, the systemcomprising: a memory device; and a processing device operatively coupledto the memory device, wherein the processing device is configured toexecute computer-readable program code to: receive and store usercredentials for a user; periodically double encrypt the stored usercredentials at a specified interval of time; and display the encrypteduser credentials via a nano-display, wherein the nano-display comprisesan array of fields indicating the encrypted user credentials.

In some embodiments, the array of fields maps to encrypted usercredentials and values indicating the one or more encryption algorithmsused to encrypt the user credentials.

In some embodiments, the values indicating the one or more encryptionalgorithms used to encrypt the user credentials are randomly positionedin a different field on the array of fields for each successiveencryption.

In some embodiments, double encrypting the stored user credentials at aspecified interval of time further comprises; selecting two encryptionsalgorithms from a repository of stored encryptions algorithms; andensuring that encrypted output from the two selected encryptionalgorithms does not produce an identical value for an identical field onthe nano-display as compared to the immediately preceding encryptionoutput.

In some embodiments, the array of fields indicated the encrypted usercredentials further comprises multiple colorized fields, wherein a colordisplayed on the multiple colorized fields indicates an alphanumericcharacter.

In some embodiments, the nano-display further comprises a light emittingdiode display configured to display prestored colored images.

The features, functions, and advantages that have been discussed may beachieved independently in various embodiments of the present inventionor may be combined with yet other embodiments, further details of whichcan be seen with reference to the following description and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Having thus described embodiments of the invention in general terms,reference will now be made the accompanying drawings, wherein:

FIG. 1 provides a block diagram illustrating a system environment fortransient pliant encryption with indicative nano-display cards, inaccordance with an embodiment of the invention;

FIG. 2 provides a block diagram illustrating the managing entity systemof FIG. 1, in accordance with an embodiment of the invention;

FIG. 3 provides a block diagram illustrating the resource distributionsystem FIG. 1, in accordance with an embodiment of the invention;

FIG. 4 provides a block diagram illustrating the computing device systemof FIG. 1, in accordance with an embodiment of the invention;

FIG. 5 provides a block diagram to illustrate one embodiment of anano-display, in accordance with embodiments of the invention;

FIG. 6 provides a block diagram of a nano-display card and displayedinformation, in accordance with one embodiment of the invention;

FIG. 7 provides a block diagram to illustrate the interface betweennano-display card and card reader device system, in accordance withembodiments of the invention; and

FIG. 8 provides a flowchart illustrating a process for transient pliantencryption with indicative nano-display cards, in accordance with anembodiment of the invention.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of the present invention will now be described more fullyhereinafter with reference to the accompanying drawings, in which some,but not all, embodiments of the invention are shown. Indeed, theinvention may be embodied in many different forms and should not beconstrued as limited to the embodiments set forth herein; rather, theseembodiments are provided so that this disclosure will satisfy applicablelegal requirements. Where possible, any terms expressed in the singularform herein are meant to also include the plural form and vice versa,unless explicitly stated otherwise. Also, as used herein, the term “a”and/or “an” shall mean “one or more,” even though the phrase “one ormore” is also used herein. Furthermore, when it is said herein thatsomething is “based on” something else, it may be based on one or moreother things as well. In other words, unless expressly indicatedotherwise, as used herein “based on” means “based at least in part on”or “based at least partially on.” Like numbers refer to like elementsthroughout.

FIG. 1 provides a block diagram illustrating a system environment 100for transient pliant encryption with indicative nano-display cards, inaccordance with an embodiment of the invention. As illustrated in FIG.1, the environment 100 includes a managing entity system 200, a resourcedistribution system 300, one or more computing device systems 400, anano-display card 120 (e.g., a physical card with embeddednano-display), one or more card reader device systems 130, and one ormore third party systems 140. One or more users 110 may be included inthe system environment 100. In some embodiments, the user(s) 110 of thesystem environment 100 may be customers of a managing entity thatcontrols or otherwise owns the managing entity system 200 and may, insome embodiments, comprise a financial institution.

The managing entity system 200, the resource distribution system 300,the one or more computing device systems 400, the nano-display card 120,the card reader device system 130, and/or the third party system 140 maybe in network communication across the system environment 100 throughthe network 150. The network 150 may include a local area network (LAN),a wide area network (WAN), and/or a global area network (GAN). Thenetwork 150 may provide for wireline, wireless, or a combination ofwireline and wireless communication between devices in the network. Inone embodiment, the network 150 includes the Internet. In someembodiments, the nano-display card 120 may be in connection with thenetwork 150 only when the nano-display card 120 is within an interactiondistance of the card reader device system 130, the third party system140, or the computing device system 400, where the NFC interactiondistance is a distance between the nano-display card 120 and readerdevice at which communication of information stored in the nano-displaycard 120 can occur.

The managing entity system 200 may be a system owned or otherwisecontrolled by a managing entity to perform one or more process stepsdescribed herein. In some embodiments, the managing entity is afinancial institution. In general, the managing entity system 200 isconfigured to communicate information or instructions with the resourcedistribution system 300, the one or more computing device systems 400,and/or the third party system 140 across the network 150. For example,the managing entity system 200 may maintain account data for the user110 and therefore may receive a transaction request associated with theuser 110 (e.g., via a third party system 140 comprising a merchantsystem), compare received information to an internal database associatedwith the user 110, and transmit authentication or other approvalinformation to the resource distribution system 300, the card readerdevice system 130, the third party system 140, the computing devicesystem 400, or the like. Of course, the managing entity system 200 maybe configured to perform (or instruct other systems to perform) one ormore other process steps described herein. The managing entity system200 is described in more detail with respect to FIG. 2.

The resource distribution system 300 may be a system owned or controlledby the managing entity and/or a third party that specializes intransactions involving nano-display cards, dynamic card verificationvalue systems, user authentication systems, transaction rule systems,and the like. In some embodiments, at least a portion of the resourcedistribution system 300 may be controlled by or otherwise be a componentof the managing entity system 200. In general, the resource distributionsystem 300 is configured to communicate information or instructions withthe managing entity system 200, the one or more computing device systems400, the nano-display card 120, the card reader device system 130,and/or the third party system 140 across the network 150.

For example, the resource distribution system 300 may receive dynamicdata values from the third party system 140, the managing entity system200, the computing device system 400, the card reader device system 130,or the nano-display card 120 (e.g., indirectly, via another system). Theresource distribution system 300 may then compare received dynamic datavalues to an expected dynamic data value stored associated with the userto determine whether the dynamic data value matches the expected dynamicdata value and automatically cause the computing device system 400 ofthe user 110 to populate a digital wallet application with informationextracted from the nano-display card 120. Of course the resourcedistribution system 300 may be configured to perform (or instruct othersystems to perform) one or more other process steps described herein,including the steps described with respect to FIG. 5. The resourcedistribution system 300 is described in more detail with respect to FIG.3.

The computing device system 400 may be a system owned or controlled bythe managing entity, the user 110, and/or a third party that specializesin providing computers, mobile devices, or other computing devices thatare configured to securely store and maintain user account informationand/or initiate resource transfer requests. The computing device system400 may, in some embodiments, include a nano card display reader,writer, or other module configured to interact with nano-display cards.

In general, the computing device system 400 is configured to communicateinformation or instructions with the managing entity system 200, theresource distribution system 300, the nano-display card 120, the cardreader device system 130, and/or the third party system 140 across thenetwork 150. For example, the computing device system 400 may detect anano-display card interaction with the nano-display card 120, extractresource information from the nano-display card, including a dynamicdata value, transmit the dynamic data value to the managing entitysystem 200 and/or the resource distribution system 300, and receive aconfirmation that the transmitted dynamic data value matches an expecteddynamic data value for the user 110. Of course, the computing devicesystem 400 may be configured to perform (or instruct other systems toperform) one or more other process steps described herein, including thesteps described with respect to FIG. 5. The computing device system 400is described in more detail with respect to FIG. 4.

The nano-display card 120 may comprise any card or other physical devicethat includes a nano-display, or the like that is configured to storeinformation, data, codes, or the like and display dynamic authorizationinformation readable by the card reader device system 130 or computingdevice system 400. In some embodiments, the nano-display card 120 may bea physical card (e.g., a credit card, a debit card, a gift card, or thelike). The nano-display card 120 may also be embedded within orotherwise be a component of another physical element including, but notlimited to, a check, a receipt, a bill, a financial statement, anphysical letter comprising an offer for a financial account, or thelike.

In some embodiments, the nano-display card is a component of thecomputing device system 400 (e.g., a nano-display embedded in orconnected to a mobile phone, a smart watch, an Internet of thingsdevice, or the like). While a single nano-display card 120 isillustrated in FIG. 1, it should be known that multiple nano-displaycards 120 may be present in the system environment 100, and differentnano-display cards 120 may be utilized to perform one or more of theprocess steps described herein.

In some embodiments, the nano-display card 120 is in directcommunication with, or is otherwise manipulated by a dynamic resourceelement (e.g., a dynamic card verification value, a dynamic cardverification code, a digital dynamic card verification value, a timebased number, a card-unique key, or the like). For example, inembodiments where the nano-display card 120 is stored on a physicalcard, the same physical card may additionally include a digital dynamiccard verification value component that automatically, or in response toa user depressing a triggering button on the card, causes thenano-display card 120 to transmit a dynamic resource value or dynamicdata value to any card reader device system 130. The dynamic resourcevalue may comprise a multi-character code that is based on a specificalgorithm associated with the user 110 that is associated with thenano-display card (and the physical card), such that the dynamicresource value at any given time will match an expected dynamic resourcevalue that can be determined based on the specific algorithm. Thedynamic resource value may, in some embodiments, be an ordered displayof colorized blocks that indicate a certain authorization code andencryption type. In still other embodiments, the dynamic resource valuemay be displayed as a succession of ordered characters, numbers, emojis,and the like that indicate an authorization code and method ofencryption.

The nano-display card 120 may be issued by the managing entity system200, the resource distribution system 300, or a third party system 140,and/or, in some embodiments, may be manipulated (e.g., data may bewritten onto the nano-display card 120) by the computing device system400 associated with the user 110.

Information stored in the nano-display card 120 may comprise, but is notlimited to, credit card information (e.g., card number information, userinformation, billing information, and the like), debit card information,account information for the associated user 110, user informationassociated with the user (e.g., shipping address, name, other accountsof the user 110, geographic region of the user 110, transaction rulesestablished by or for the user 110, or the like), shipping information,authentication preference information, transaction amount thresholdinformation, approved transaction type information (e.g., approvedmerchants, approved product or service types, or the like), prohibitedtransaction type information (e.g., prohibited merchants, prohibitedproduct or service types, or the like), an image associated with theuser 110 (e.g., an image of the face of the user 110, a security imageassociated with the user 110, or the like), and transaction rulesassociated with the user 110 and/or an associated card or account of theuser 110.

In some embodiments, this information stored in the nano-display card120 may be stored in the form of standard codes that are readable bycard reader devices (e.g., the card reader device system 130),nano-display reader modules, automated teller machines (ATMs), or thelike. In some embodiments, at least some of the information stored inthe nano-display card 120 comprises codes that can be extracted by cardreader devices and then transmitted to the managing entity system 200and/or the resource distribution system 300 to prompt those systems tomatch the extracted codes to the associated information that can then betransmitted back to the card reader devices or associated devices orsystems. For example, information that would otherwise require thetransfer of a large amount of data (e.g., an image of the face of theuser, a transaction rule, or the like) to efficiently effectuate thecommunication of that information from the nano-display card 120 to acard reader device system 130 (which may include a computing devicesystem 400) may instead be communicated as a code which is communicatedto the managing entity system 200, which in turn responds with the largeamount of data.

The card reader device system 130, while illustrated as a stand-alonedevice, may be a component of the managing entity system 200, theresource distribution system 300, the computing device system 400,and/or a third party system 140. For example, in some embodiments, thecard reader device system 130 comprises a point of sale deviceassociated with a merchant system (e.g., a third party system 140), anATM, a mobile computing system with nano-display reader device, and thelike. In some embodiments, the card reader device system 130 comprises anano-display reader module, a camera, a sensor, or the like that isassociated with the user 110 and/or the computing device system 400 ofthe user 110. For example, the card reader device system 130 maycomprise a nano-display reader module that is a component of thecomputing device system 140. In another example, the card reader devicesystem 130 may comprise a nano-display reader module that is separatefrom the computing device system 400 of the user 110, but is known to bein a secure location associated with the user 110 (e.g., located in ahome of the user 110, located in a secure office of the user 110,located within a vehicle of the user 110, or the like). In someembodiments of this system environment 100, the user 110 is associatedwith two separate computing device systems 400 (e.g., a mobile phone anda personal computer device). In such embodiments, the card reader devicesystem 130 may comprise a nano-display reader module located within oneor both of the multiple computing device systems 400.

The card reader device system 130 may comprise a network communicationinterface, a processing device, and one or more memory devices, wherethe processing devices are configured to perform certain actions withthe memory devices and communicate these actions to the rest of thenetwork 150 through the network communication interface.

The third party system 140 may be any system that interacts with theother systems and devices of the system environment 100 including, butnot limited to, merchant systems, automated teller machine devicesystems, point of sale device systems, online merchant portal systems,regulatory agency systems, data storage systems, third party userauthentication systems, third party credit card or debit card systems,transaction systems, and the like.

FIG. 2 provides a block diagram illustrating the managing entity system200, in greater detail, in accordance with embodiments of the invention.As illustrated in FIG. 2, in one embodiment of the invention, themanaging entity system 200 includes one or more processing devices 220operatively coupled to a network communication interface 210 and amemory device 230. In certain embodiments, the managing entity system200 is operated by a first entity, such as a financial institution,while in other embodiments, the managing entity system 200 is operatedby an entity other than a financial institution.

It should be understood that the memory device 230 may include one ormore databases or other data structures/repositories. The memory device230 also includes computer-executable program code that instructs theprocessing device 220 to operate the network communication interface 210to perform certain communication functions of the managing entity system200 described herein. For example, in one embodiment of the managingentity system 200, the memory device 230 includes, but is not limitedto, a network server application 240, a managing entity application 250which includes managing entity data 252, an account application 260which includes account data 262, and other computer-executableinstructions or other data. The computer-executable program code of thenetwork server application 240, the managing entity application 250,and/or the account application 260 may instruct the processing device220 to perform certain logic, data-processing, and data-storingfunctions of the managing entity system 200 described herein, as well ascommunication functions of the managing entity system 200.

In one embodiment, the managing entity application 250 includes managingentity data 252. The managing entity data 252 may comprise userinformation for one or more users that are customers of or are otherwiseassociated with the managing entity. The managing entity data 252 mayadditionally include transaction data, including information forestablishing secure communication channels with transaction devices,authentication devices, card reader devices, and the like.

In one embodiment, the account application 260 includes the account data262. This account data 262 may include financial account information forone or more users associated with the managing entity system 200. Forexample, the account data 262 may comprise account numbers, routingnumbers, account balances, account rules, account preferences, billinginformation, credit information, loan information, authenticationinformation, dynamic resource value information, expected dynamicresource value information, and the like.

The network server application 240, the managing entity application 250,and the account application 260 are configured to invoke or use themanaging entity data 252, the account data 254, and the like whencommunicating through the network communication interface 210 with theresource distribution system 300, the one or more computing devicesystems 400, the nano-display card 120, the Card reader device system(s)130, and/or the third party system 140.

FIG. 3 provides a block diagram illustrating the resource distributionsystem 300, in greater detail, in accordance with embodiments of theinvention. As illustrated in FIG. 3, in one embodiment of the invention,the resource distribution system 300 includes one or more processingdevices 320 operatively coupled to a network communication interface 310and a memory device 330. In certain embodiments, the resourcedistribution system 300 is operated by a first entity, such as afinancial institution, while in other embodiments, the resourcedistribution system 300 is operated by an entity other than a financialinstitution.

It should be understood that the memory device 330 may include one ormore databases or other data structures/repositories. The memory device330 also includes computer-executable program code that instructs theprocessing device 320 to operate the network communication interface 310to perform certain communication functions of the resource distributionsystem 300 described herein. For example, in one embodiment of theresource distribution system 300, the memory device 330 includes, but isnot limited to, a network server application 340, a dynamic resourceapplication 350 which includes nano-display data 352, an authenticationapplication 360 which includes a authentication data 362 and user data354, and other computer-executable instructions or other data. Thecomputer-executable program code of the network server application 340,the dynamic resource application 350, and/or the authenticationapplication 360 may instruct the processing device 320 to performcertain logic, data-processing, and data-storing functions of theresource distribution system 300 described herein, as well ascommunication functions of the resource distribution system 300.

In one embodiment, the dynamic resource application 350 includesnano-display data 352. The nano-display data 352 may compriseinformation for writing data or information associated with one or moreusers onto nano-display cards associated with those one or more users.The nano-display data 352 may additionally or alternatively includeinformation for comparing data received from nano-display interactionsto a stored database (e.g., a relational database) of associatedinformation. For example, the nano-display data 352 may include codesand associated information (e.g., transaction rules, images of users,documents associated with users, or the like) such that when theresource distribution system 300 receives a code from a nano-displayinteraction, the dynamic resource application 350 can match that code toits associated data in the database to identify or determine theassociated information that is being referenced.

In one embodiment, the authentication application 360 includesauthentication data 362 and user data 364. The authentication data 362may include passwords, personal identification numbers, securityquestions, biometric information, dynamic resource value information,expected dynamic resource value information, authentication images(e.g., images of a user's face), stepped-up authentication information,or other authentication credentials (including secondary or stepped-upauthentication credentials) associated with one or more users. Thisauthentication data 362 can be accessed by the authenticationapplication 360 to compare received authentication credentials to thestored authentication credentials when determining whether a user isauthorized for a transaction, for receiving access to an account, forreceiving access to a digital wallet, or the like. The user data 364 maycomprise any additional information that the authentication application360 may store for use in authenticating a user, establishing anano-display card for a user (e.g., populating the nano-display withinformation about the user, the user's authentication requirements orrules, the user's account information, or the like).

The network server application 340, the dynamic resource application350, and the authentication application 360 are configured to invoke oruse the nano-display data 352, the authentication data 362, the userdata 364, and the like when communicating through the networkcommunication interface 310 with the managing entity system 200, the oneor more computing device systems 400, the nano-display card 120, theCard reader device system(s) 130, and/or third party systems 140.

FIG. 4 provides a block diagram illustrating a computing device system400 of FIG. 1 in more detail, in accordance with embodiments of theinvention. In one embodiment of the invention, the computing devicesystem 400 is a mobile telephone. However, it should be understood thata mobile telephone is merely illustrative of one type of computingdevice system 400 that may benefit from, employ, or otherwise beinvolved with embodiments of the present invention and, therefore,should not be taken to limit the scope of embodiments of the presentinvention. Other types of computing devices may include portable digitalassistants (PDAs), pagers, mobile televisions, desktop computers,workstations, laptop computers, cameras, video recorders, audio/videoplayer, radio, GPS devices, wearable devices, Internet-of-thingsdevices, augmented reality devices, virtual reality devices, automatedteller machine devices, electronic kiosk devices, or any combination ofthe aforementioned.

Furthermore, it should be known that multiple computing device systems400 may be owned by or accessed by the user 110 within the systemenvironment 100 of FIG. 1, and these separate computing device systems400 may be in network communication with each other and the othersystems and devices of the system environment 100. For example, a firstcomputing device system 400 may comprise a mobile phone of the user 110that includes an NFC chip with resource data stored therein, and thismobile phone may be placed within an NFC interaction distance from anNFC reader device of a second computing device system 400 that comprisesa personal computer of the user 110.

Some embodiments of the computing device system 400 include a processor410 communicably coupled to such devices as a memory 420, user outputdevices 436, user input devices 440, a network interface 460, a powersource 415, a clock or other timer 450, a camera 480, and a positioningsystem device 475. The processor 410, and other processors describedherein, generally include circuitry for implementing communicationand/or logic functions of the computing device system 400. For example,the processor 410 may include a digital signal processor device, amicroprocessor device, and various analog to digital converters, digitalto analog converters, and/or other support circuits. Control and signalprocessing functions of the computing device system 400 are allocatedbetween these devices according to their respective capabilities. Theprocessor 410 thus may also include the functionality to encode andinterleave messages and data prior to modulation and transmission. Theprocessor 410 can additionally include an internal data modem. Further,the processor 410 may include functionality to operate one or moresoftware programs, which may be stored in the memory 420. For example,the processor 410 may be capable of operating a connectivity program,such as a web browser application 422. The web browser application 422may then allow the computing device system 400 to transmit and receiveweb content, such as, for example, location-based content and/or otherweb page content, according to a Wireless Application Protocol (WAP),Hypertext Transfer Protocol (HTTP), and/or the like.

The processor 410 is configured to use the network interface 460 tocommunicate with one or more other devices on the network 150. In thisregard, the network interface 460 includes an antenna 476 operativelycoupled to a transmitter 474 and a receiver 472 (together a“transceiver”). The processor 410 is configured to provide signals toand receive signals from the transmitter 474 and receiver 472,respectively. The signals may include signaling information inaccordance with the air interface standard of the applicable cellularsystem of a wireless network. In this regard, the computing devicesystem 400 may be configured to operate with one or more air interfacestandards, communication protocols, modulation types, and access types.By way of illustration, the computing device system 400 may beconfigured to operate in accordance with any of a number of first,second, third, and/or fourth-generation communication protocols and/orthe like. For example, the computing device system 400 may be configuredto operate in accordance with second-generation (2G) wirelesscommunication protocols IS-136 (time division multiple access (TDMA)),GSM (global system for mobile communication), and/or IS-95 (codedivision multiple access (CDMA)), or with third-generation (3G) wirelesscommunication protocols, such as Universal Mobile TelecommunicationsSystem (UMTS), CDMA2000, wideband CDMA (WCDMA) and/or timedivision-synchronous CDMA (TD-SCDMA), with fourth-generation (4G)wireless communication protocols, with LTE protocols, with 4GPPprotocols and/or the like. The computing device system 400 may also beconfigured to operate in accordance with non-cellular communicationmechanisms, such as via a wireless local area network (WLAN) or othercommunication/data networks.

As described above, the computing device system 400 has a user interfacethat is, like other user interfaces described herein, made up of useroutput devices 436 and/or user input devices 440. The user outputdevices 436 include a display 430 (e.g., a liquid crystal display or thelike) and a speaker 432 or other audio device, which are operativelycoupled to the processor 410.

The user input devices 440, which allow the computing device system 400to receive data from a user such as the user 110, may include any of anumber of devices allowing the computing device system 400 to receivedata from the user 110, such as a keypad, keyboard, touch-screen,touchpad, microphone, mouse, joystick, other pointer device, button,soft key, and/or other input device(s). The user interface may alsoinclude a camera 480, such as a digital camera.

The computing device system 400 may also include a positioning systemdevice 475 that is configured to be used by a positioning system todetermine a location of the computing device system 400. For example,the positioning system device 475 may include a GPS transceiver. In someembodiments, the positioning system device 475 is at least partiallymade up of the antenna 476, transmitter 474, and receiver 472 describedabove. For example, in one embodiment, triangulation of cellular signalsmay be used to identify the approximate or exact geographical locationof the computing device system 400. In other embodiments, thepositioning system device 475 includes a proximity sensor ortransmitter, such as an RFID tag, that can sense or be sensed by devicesknown to be located proximate a merchant or other location to determinethat the computing device system 400 is located proximate these knowndevices.

The computing device system 400 further includes a power source 415,such as a battery, for powering various circuits and other devices thatare used to operate the computing device system 400. Embodiments of thecomputing device system 400 may also include a clock or other timer 450configured to determine and, in some cases, communicate actual orrelative time to the processor 410 or one or more other devices.

The computing device system 400 also includes a memory 420 operativelycoupled to the processor 410. As used herein, memory includes anycomputer readable medium (as defined herein below) configured to storedata, code, or other information. The memory 420 may include volatilememory, such as volatile Random Access Memory (RAM) including a cachearea for the temporary storage of data. The memory 420 may also includenon-volatile memory, which can be embedded and/or may be removable. Thenon-volatile memory can additionally or alternatively include anelectrically erasable programmable read-only memory (EEPROM), flashmemory or the like.

The memory 420 can store any of a number of applications which comprisecomputer-executable instructions/code executed by the processor 410 toimplement the functions of the computing device system 400 and/or one ormore of the process/method steps described herein. For example, thememory 420 may include such applications as a conventional web browserapplication 422, or a nano-display application 421, a digital walletapplication 424, (or any other application provided by the managingentity system 200). These applications also typically instructions to agraphical user interface (GUI) on the display 430 that allows the user110 to interact with the computing device system 400, the managingentity system 200, and/or other devices or systems. In one embodiment ofthe invention, when the user 110 decides to enroll in a nano-displayapplication 421 program, the user 110 downloads, is assigned, orotherwise obtains the nano-display application 421 from the managingentity system 200, or from a distinct application server (e.g., from theresource distribution system 300). In other embodiments of theinvention, the user 110 interacts with the managing entity system 200 orthe resource distribution system 300 via the web browser application 422in addition to, or instead of, the nano-display application 421. Thesame mechanisms may be put in place to install, store, or otherwiseaccess the digital wallet application 424.

The memory 420 of the computing device system 400 may comprise a ShortMessage Service (SMS) application 423 configured to send, receive, andstore data, information, communications, alerts, and the like via awireless telephone network.

The nano-display application 421 may comprise an application stored inthe memory 420 that is configured to control and/or communicate with anano-display module 495 of the mobile device system 400 to receivenano-display data or information (e.g., codes, signals, or the like)from nano-display cards (e.g., the nano-display card 120 described withrespect to FIG. 1). The nano-display application 421 may also beconfigured to communicate information received from the nano-displaymodule 495 to the digital wallet application 424, the web browserapplication 422, and/or the SMS application 423. In some embodiments,the nano-display application 421 may be configured to receiveinstructions from a separate system (e.g., the managing entity system200, the resource distribution system 300, a separate computing devicesystem 400, an card reader device system 130, and/or a third partysystem 140 like a merchant system) and cause one or more components ofthe computing device system 400 to perform one or more actions. Forexample, the nano-display application 421 may be configured to receiveinstructions for erasing certain information from a nano-display cardand writing new information on that nano-display card. The nano-displayapplication 421 may then cause the nano-display module 495 to erase thecertain information from a nano-display card that is within aninteraction distance of the nano-display module 495 and then write thenew information onto the nano-display card.

The digital wallet application 424 of the computing device system 400may comprise an application created by and/or managed by a financialinstitution that is configured to securely store financial information,account information, user information, billing information, shippinginformation, authentication information, dynamic resource valueinformation (e.g., dynamic card verification code information), or thelike. The digital wallet application 424 may be configured to receiveaccount or card information (e.g., credit card information) from thathas been extracted from a nano-display card and automatically populatefields within the digital wallet application 424 with the extractedinformation. For example, the extracted information may be formattedsuch that the information type and the information field is known and bythe digital wallet application 424 (e.g., based on position or codingwithin the extracted nano-display data) and can therefore be matched toan applicable field of the digital wallet application 424.

The digital wallet application 424 may additionally be configured toinitiate or otherwise communicate information as part of a transactionrequest. For example, the user 110 may use the computing device system400 to initiate a transaction by tapping or otherwise positioning thenano-display module 495 of the computing device system 400 within aninteraction distance from a point of sale device comprising an cardreader device (e.g., the card reader device system 130). Thisinteraction may prompt the digital wallet application 424 to providetransaction information (e.g., credit card information, user name,billing information, and/or the like), and the digital walletapplication 424 may then transmit the transaction information to thepoint of sale device for the purpose of conducting and/or authenticatingthe requested transaction.

The memory 420 can also store any of a number of pieces of information,and data, used by the computing device system 400 and the applicationsand devices that make up the computing device system 400 or are incommunication with the computing device system 400 to implement thefunctions of the computing device system 400 and/or the other systemsdescribed herein. For example, the memory 420 may include such data astransaction history data, positional data of the computing device system400, and the like.

Referring now to FIG. 5, a block diagram is provided to illustrate oneembodiment of a nano-display, in accordance with embodiments of theinvention. As shown, the nano-display includes nano-display field array50, which includes on or more nano-display field(s) 45. Each of the oneor more nano-display field(s) 45 may be configured to display prestoredcolored images that are illuminated by the nano-display. In someembodiments, the nano-display field array may be comprised of lightemitting diodes, otherwise known as an LED display. As shown in therepresentative embodiment of FIG. 5, the height of the nano-displayfield array 50 may be designed to be a height of less than 5millimeters, allowing the nano-display field array 50 to be placedinconspicuously on a carriable user device or payment card. Therelatively small size of the nano-display is intentionally designed toenhance security of the system by thwarting the ability of a third partyor malfeasant user from observing or attempting to decipher informationshown on the nano-display.

Each of the nano-display field(s) 45 in FIG. 5 conveys alphanumericcharacters that are represented by colors and color shades in thisparticular embodiment. In this specific embodiment depicted, the firstcharacter represents a color, while the second character represents ashade. For instance, R1 as shown in the nano-display field 45 to the farleft may represent a “first” shade of red, whereas P2 shown on the farright may represent a “second” shade of purple. It is notable that theembodiment in FIG. 5 does not contain any repeated shades of colors,which allows the nano-display field array to convey a wide range ofinformation via differing shades of color. As discussed previously, thenano-display field array may be configured in further embodiments todisplay other information besides color alone, such as alphanumericcharacters, emojis, pictures, and the like. As further depicted in FIG.5, the nano-display field array(s) 45 are connected to an inbuildintegrated circuit chip 40 via individualized field array circuits 42which correspond to each of the one or more nano-display field array(s)45. Also located on the inbuild integrated circuit chip 40 is a cardencryption controller 610, discussed in more detail with regard to FIG.7, and a direct current (DC) power input 41 which is designed to drawpower from the card reader device system 130 during connection or whilethe nano-display card is being used with the card reader device systemto convey information within an interaction distance.

Referring now to FIG. 6, a block diagram is provided of a nano-displaycard and displayed information, in accordance with one embodiment of theinvention. The nano-display field array 50, as discussed in FIG. 5, isshown represented on the nano-display card 120. In some embodiments, thenano-display field array 50 may be displayed on one or both sides of thenano-display card 120. While any amount or variety of other informationmay be placed on the nano-display card 120, such as a name of a managingentity, a photo of a user, and the like, this information may beminimized in some embodiments in order to limit the amount of availableidentifying information to third parties, and thus increase the securityof the system and the use of the nano-display card 120.

As shown the nano-display field array 50 may be configured to displaycertain information in specific nano-display fields 45. For instance, inthe representative embodiment shown in FIG. 6, algorithm locator fields51 are displayed in the first two nano-display array fields. Thealgorithm locator fields are encoded to communicate to the card readerdevice system 130 the location of the algorithm indicator fields 53. Aspreviously discussed, the system is designed to encrypt user credentialsusing a selection of two unique encryption algorithms, producingencrypted user credentials 52 shown located in field three through field8 in FIG. 6.

The multiple encryption algorithms selected by the system in any giveniteration of encrypted information on the nano-display field array 50are indicated in respective fields on the nano-display field array 50.In the embodiment shown in FIG. 6, the fields that communicate theencryption algorithms selected are field nine and field ten. This isindicated using the algorithm locator fields 51, fields one and two inFIG. 6, which display the numeric characters “9” and “10” respectively.This information indicates that fields nine and ten indicate theencryption algorithms used during this particular iteration. It isunderstood that the fields indicating the algorithms used to encrypt theuser credentials, or the algorithm indicator fields 53, may change witheach encryption iteration, in which case the algorithm locator fields 51will also change accordingly. It is also noted that the nano-displayfield array 50 does not actually display the alphanumeric digits shownabove it in FIG. 6, as indicated by the continued use of color codecharacters on the nano-display card 120 itself, as discussed in FIG. 5.While the representative embodiment used here continues with the exampleof color codes on the nano-display field array 50, it is again notedthat the system design contemplates the use of other identifyinginformation that may be displayed on the nano-display field array 50,such as pictures, designs, emojis, alphanumeric characters and the like.As information is communicated to the card reader device system 130, thecolor code information, or other displayed information, is transmittedfrom the nano-display card 120 to the card reader device system 130where it is interpreted and converted to the appropriate alphanumericcharacters to be analyzed and decrypted.

Referring now to FIG. 7, a block diagram is provided to illustrate theinterface between nano-display card and card reader device system, inaccordance with embodiments of the invention. As shown, the nano-displaycard 120 includes a card encryption controller 610, an encryption layer612, and a card intelligence controller 614. The card encryptioncontroller 610 is tasked with maintaining a transient timeout value thattriggers the encryption of user credentials every certain amount oftime, which may be a number of seconds, minutes, hours, and the likeaccording to the manner in which the card encryption controller 610 isconfigured in a given embodiment of the invention. Once encryption istriggered by the card encryption controller 610, the encryption layer612 then uses an adaptive encryption algorithm to double encrypt theuser credentials. As discussed previously, the encryption layer 612selects two different encryption algorithms with each iteration,ensuring that the same two encryption algorithms are not repeated withina given number of iterations. For example, if the invention isconfigured to select from 100 different algorithms, then the inventionmay be configured not to repeat the use of any one particular algorithmfor a number of 50 encryption iterations.

Next, the card intelligence controller 614 is utilized to select adisplay scheme that will be displayed on the nano-display field array50. Again, the invention is configured to avoid repetition betweeniterations in the vein of maximizing security. For instance, if acertain shade of a color is used to represent an encrypted alphanumericcharacter in the encrypted user credentials 52, the invention willautomatically rule out color schemes in which the same alphanumericcharacter is represented by the same array display value, such as thesame color or shade of color. The field interpreter 620 then interpretsthe displayed colors on the nano-display field array in order todecipher the field scheme used and the encryption schemes used. Thefield interpreter 620 appends the field scheme identifier 622 and thefield encryption identifier 624 to the encrypted user credentials 52,and sends this information to the decryption controller 626. Thedecryption controller contains the necessary information to decrypt theencrypted user credentials 52, and outputs the decrypted usercredentials 628, which may then be forwarded to the third party system140, managing entity system 200, or resource distribution system 300depending on the embodiment of the invention.

Referring now to FIG. 8, a flowchart is provided to illustrate oneembodiment of a process for secure distribution of resources viatransient pliant encryption with indicative nano-display cards, inaccordance with embodiments of the invention. In some embodiments, theprocess 500 may include block 502, where the system receives and storesuser credentials. In some embodiments, this the user credentials arestored on the nano-display card 120 itself, while in other embodimentsthe user credentials may be stored by the managing entity system 200 oron a computing device system 400 that is designed to interface with thenano-display card 120. The user credentials may include any number ofpieces of identifying information or authorization credentials, such asa credit card number, expiration date, card verification value (CVV),and the like.

Next, as shown in block 504, the system selects two encryptionalgorithms from a repository of encryption algorithms. While the systemmay include any number of different encryption algorithms, the systemmay, for example, include 100 separate algorithms labeled 1 to 100. Thesystem then encrypts the user credentials twice, or double encrypts theuser credentials, in order to obtain an encrypted value for the usercredentials, as shown in block 506.

The double encrypted user credentials are then mapped to thenano-display array located on the nano-display card 120, as shown inblock 508. For instance, the nano-display card may include a panel thatcontains an array of 10 display fields programmed to display a set ofprestored values, alphanumeric characters, emojis, colors, and the like.The system maps the double encrypted user credentials to a set number ofdisplay fields on the nano-display array. At the same time, the systemalso maps values indicating the selected encryption algorithms to twospecific fields on the array of the nano-display card 120. For instance,in some embodiments, the nano-display array may be configure to displaya series of colors, and the system may map the encrypted values for theuser credentials and encryption algorithms to specific colors. In thisway, the array on the nano-display card 120 will indicate the encryptedvalue of the user credentials, and also indicate the encryptionalgorithms used so that the card reader device system 130 may decipherand decrypt the displayed information.

Next, the system displays the mapped values for the encrypted usercredentials and the value indicating the selected encryption algorithmson the nano-display array of the nano-display card 120. For example, insome embodiments, the nano-display array is a series of colors that aremapped to the encrypted user credentials. The encrypted values aremapped, as discussed previously, to a specific color to be displayed onspecific field of the nano-display array. As shown in block 514, thesteps of encryption, field mapping, and displaying are repeated at agiven interval. For instance, the system may be configured to re-enryptthe user credentials every two minutes, such that the displayedinformation on the nano-display card 120 changes after the giveninterval. It is understood that this interval of time may be any setamount of time as determined by the system, the user, or a systemadministrator. To an uninformed observer, the nano-display array simplydisplays an array of colored fields that change after the programmedtime interval.

In the interest of added security, the system is also designed not torepeat use of the same two encryption algorithms or to display the sameresulting mapped information on the nano-display card 120 at back toback intervals. This may be achieved using a number of methods or acombination of methods. For instance, the system may be configured toselect two algorithms from algorithms 1 to 100 only once for every 50encryptions. In another embodiment, the system may compare theiterations of the algorithms to ensure that the specific order in whichmultiple algorithms used is not repeated. Furthermore, the system mayinitiate post-encryption changes during the field mapping step in orderto ensure that the display array does not display the same value,character, or color in back to back iterations, or to ensure that thesame value, character, or color does not represent the same underlyingencrypted value in two back to back iterations. For instance, if thesystem determines that the number 8 should be mapped using the colororange in one iteration, the system will check in the next iteration toensure that orange is not used to represent the number 8 in the nextiteration. Additionally, the system may reorganize the mapping structurein order to ensure that the information displayed on the nano-displaycard is not conveyed in a predictable manner. For instance, thenano-display card 120 may include 10 fields on the display array, eachable to display a color. In one iteration, field 9 and field 10 mayindicate the specific algorithms used to encrypt the user credentials.In some embodiments, the system may ensure that fields 1 through 8 areused during the following iteration in order to ensure that the samefields do not contain the same identifying information in back to backdisplay iterations.

As will be appreciated by one of skill in the art, the present inventionmay be embodied as a method (including, for example, acomputer-implemented process, a business process, and/or any otherprocess), apparatus (including, for example, a system, machine, device,computer program product, and/or the like), or a combination of theforegoing. Accordingly, embodiments of the present invention may takethe form of an entirely hardware embodiment, an entirely softwareembodiment (including firmware, resident software, micro-code, and thelike), or an embodiment combining software and hardware aspects that maygenerally be referred to herein as a “system.” Furthermore, embodimentsof the present invention may take the form of a computer program producton a computer-readable medium having computer-executable program codeembodied in the medium.

Any suitable transitory or non-transitory computer readable medium maybe utilized. The computer readable medium may be, for example but notlimited to, an electronic, magnetic, optical, electromagnetic, infrared,or semiconductor system, apparatus, or device. More specific examples ofthe computer readable medium include, but are not limited to, thefollowing: an electrical connection having one or more wires; a tangiblestorage medium such as a portable computer diskette, a hard disk, arandom access memory (RAM), a read-only memory (ROM), an erasableprogrammable read-only memory (EPROM or Flash memory), a compact discread-only memory (CD-ROM), or other optical or magnetic storage device.

In the context of this document, a computer readable medium may be anymedium that can contain, store, communicate, or transport the programfor use by or in connection with the instruction execution system,apparatus, or device. The computer usable program code may betransmitted using any appropriate medium, including but not limited tothe Internet, wireline, optical fiber cable, radio frequency (RF)signals, or other mediums.

Computer-executable program code for carrying out operations ofembodiments of the present invention may be written in an objectoriented, scripted or unscripted programming language such as Java,Perl, Smalltalk, C++, or the like. However, the computer program codefor carrying out operations of embodiments of the present invention mayalso be written in conventional procedural programming languages, suchas the “C” programming language or similar programming languages.

Embodiments of the present invention are described above with referenceto flowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products. It will be understood thateach block of the flowchart illustrations and/or block diagrams, and/orcombinations of blocks in the flowchart illustrations and/or blockdiagrams, can be implemented by computer-executable program codeportions. These computer-executable program code portions may beprovided to a processor of a general purpose computer, special purposecomputer, or other programmable data processing apparatus to produce aparticular machine, such that the code portions, which execute via theprocessor of the computer or other programmable data processingapparatus, create mechanisms for implementing the functions/actsspecified in the flowchart and/or block diagram block or blocks.

These computer-executable program code portions may also be stored in acomputer-readable memory that can direct a computer or otherprogrammable data processing apparatus to function in a particularmanner, such that the code portions stored in the computer readablememory produce an article of manufacture including instructionmechanisms which implement the function/act specified in the flowchartand/or block diagram block(s).

The computer-executable program code may also be loaded onto a computeror other programmable data processing apparatus to cause a series ofoperational steps to be performed on the computer or other programmableapparatus to produce a computer-implemented process such that the codeportions which execute on the computer or other programmable apparatusprovide steps for implementing the functions/acts specified in theflowchart and/or block diagram block(s). Alternatively, computer programimplemented steps or acts may be combined with operator or humanimplemented steps or acts in order to carry out an embodiment of theinvention.

As the phrase is used herein, a processor may be “configured to” performa certain function in a variety of ways, including, for example, byhaving one or more general-purpose circuits perform the function byexecuting particular computer-executable program code embodied incomputer-readable medium, and/or by having one or moreapplication-specific circuits perform the function.

Embodiments of the present invention are described above with referenceto flowcharts and/or block diagrams. It will be understood that steps ofthe processes described herein may be performed in orders different thanthose illustrated in the flowcharts. In other words, the processesrepresented by the blocks of a flowchart may, in some embodiments, be inperformed in an order other that the order illustrated, may be combinedor divided, or may be performed simultaneously. It will also beunderstood that the blocks of the block diagrams illustrated, in someembodiments, merely conceptual delineations between systems and one ormore of the systems illustrated by a block in the block diagrams may becombined or share hardware and/or software with another one or more ofthe systems illustrated by a block in the block diagrams. Likewise, adevice, system, apparatus, and/or the like may be made up of one or moredevices, systems, apparatuses, and/or the like. For example, where aprocessor is illustrated or described herein, the processor may be madeup of a plurality of microprocessors or other processing devices whichmay or may not be coupled to one another. Likewise, where a memory isillustrated or described herein, the memory may be made up of aplurality of memory devices which may or may not be coupled to oneanother.

While certain exemplary embodiments have been described and shown in theaccompanying drawings, it is to be understood that such embodiments aremerely illustrative of, and not restrictive on, the broad invention, andthat this invention not be limited to the specific constructions andarrangements shown and described, since various other changes,combinations, omissions, modifications and substitutions, in addition tothose set forth in the above paragraphs, are possible. Those skilled inthe art will appreciate that various adaptations and modifications ofthe just described embodiments can be configured without departing fromthe scope and spirit of the invention. Therefore, it is to be understoodthat, within the scope of the appended claims, the invention may bepracticed other than as specifically described herein.

The invention claimed is:
 1. A system for transient pliant encryptionwith indicative nano-display cards, the system comprising: a memorydevice; and a processing device operatively coupled to the memorydevice, wherein the processing device is configured to executecomputer-readable program code to: receive and store user credentialsfor a user; double encrypt the stored user credentials, wherein doubleencrypting the stored user credentials further comprises the use of twodifferent encryption algorithms; generate a colorized display mappingfor the encrypted user credentials via a nano-display, wherein thenano-display comprises an array of fields indicating the encrypted usercredentials, wherein the array of fields maps to encrypted usercredentials and values indicating the one or more encryption algorithmsused to encrypt the user credentials, and wherein the values indicatingthe one or more encryption algorithms used to encrypt the usercredentials are randomly positioned in a different field on the array offields for each successive encryption; establish a timeout value,wherein the timeout value comprises an amount of time for which theencrypted user credentials are displayed via the nano-display; at theend of the timeout value, trigger a repetition of the double encryption;and generate and display an updated colorized display mapping via thenano-display.
 2. The system of claim 1, wherein the nano-displaycomprises a display with a height of less than 1 millimeter.
 3. Thesystem of claim 1, wherein double encrypting the stored user credentialsat a specified interval of time further comprises: selecting twoencryptions algorithms from a repository of stored encryptionsalgorithms; and ensuring that encrypted output from the two selectedencryption algorithms does not produce an identical value for anidentical field on the nano-display as compared to the immediatelypreceding encryption output.
 4. The system of claim 1, wherein the arrayof fields indicated the encrypted user credentials further comprisesmultiple colorized fields, wherein a color displayed on the multiplecolorized fields indicates an alphanumeric character.
 5. The system ofclaim 1, wherein the nano-display further comprises a light emittingdiode display configured to display prestored colored images, whereinthe colored images comprise a selection of shades of the prestoredcolored images.
 6. A computer-implemented method for transient pliantencryption with indicative nano-display cards, the system comprising:receiving and storing user credentials for a user; double encrypting thestored user credentials, wherein double encrypting the stored usercredentials further comprises the use of two different encryptionalgorithms; generating a colorized display mapping for the encrypteduser credentials via a nano-display, wherein the nano-display comprisesan array of fields indicating the encrypted user credentials, whereinthe array of fields maps to encrypted user credentials and valuesindicating the one or more encryption algorithms used to encrypt theuser credentials, and wherein the values indicating the one or moreencryption algorithms used to encrypt the user credentials are randomlypositioned in a different field on the array of fields for eachsuccessive encryption; establishing a timeout value, wherein the timeoutvalue comprises an amount of time for which the encrypted usercredentials are displayed via the nano-display; at the end of thetimeout value, triggering a repetition of the double encryption; andgenerating and displaying an updated colorized display mapping via thenano-display.
 7. The computer-implemented method of claim 6, wherein thenano-display comprises a display with a height of less than 1millimeter.
 8. The computer-implemented method of claim 6, whereindouble encrypting the stored user credentials at a specified interval oftime further comprises: selecting two encryptions algorithms from arepository of stored encryptions algorithms; and ensuring that encryptedoutput from the two selected encryption algorithms does not produce anidentical value for an identical field on the nano-display as comparedto the immediately preceding encryption output.
 9. Thecomputer-implemented method of claim 6, wherein the array of fieldsindicated the encrypted user credentials further comprises multiplecolorized fields, wherein a color displayed on the multiple colorizedfields indicates an alphanumeric character.
 10. The computer-implementedmethod of claim 6, wherein the nano-display further comprises a lightemitting diode display configured to display prestored colored images.11. A computer program product for transient pliant encryption withindicative nano-display cards, the computer program product comprisingat least one non-transitory computer-readable medium havingcomputer-readable program code portions embodied therein, thecomputer-readable program code portions comprising: an executableportion configured for receiving and storing user credentials for auser; an executable portion configured for double encrypting the storeduser credentials, wherein double encrypting the stored user credentialsfurther comprises the use of two different encryption algorithms; anexecutable portion configured for generating a colorized display mappingfor the encrypted user credentials via a nano-display, wherein thenano-display comprises an array of fields indicating the encrypted usercredentials, wherein the array of fields maps to encrypted usercredentials and values indicating the one or more encryption algorithmsused to encrypt the user credentials, and wherein the values indicatingthe one or more encryption algorithms used to encrypt the usercredentials are randomly positioned in a different field on the array offields for each successive encryption; an executable portion configuredfor establishing a timeout value, wherein the timeout value comprises anamount of time for which the encrypted user credentials are displayedvia the nano-display; an executable portion configured for, at the endof the timeout value, triggering a repetition of the double encryption;and an executable portion configured for generating and displaying anupdated colorized display mapping via the nano-display.
 12. The computerprogram product of claim 11, wherein double encrypting the stored usercredentials at a specified interval of time further comprises: selectingtwo encryptions algorithms from a repository of stored encryptionsalgorithms; and ensuring that encrypted output from the two selectedencryption algorithms does not produce an identical value for anidentical field on the nano-display as compared to the immediatelypreceding encryption output.
 13. The computer program product of claim11, wherein the array of fields indicated the encrypted user credentialsfurther comprises multiple colorized fields, wherein a color displayedon the multiple colorized fields indicates an alphanumeric character.14. The computer program product of claim 11, wherein the nano-displayfurther comprises a light emitting diode display configured to displayprestored colored images.